Many times, after we install a web service application (such as tomcat, apache, etc.) on a liunx system, we need to allow other computers to access the application, but the firewall of the linux system (centos, redhat, etc.) only opens port 22 to the outside by default. The port settings of the Linux system are configured in the /etc/sysconfig/iptables file. Open the file using an editor. The content is as follows: # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT The following code is said on the Internet -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 3001 -j ACCEPT I tested the above code in CentOS6.5 and it didn't work. If we need to open port 80 to the outside world, add the following code to the above file -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT Also note that this code needs to be added to -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT After that, otherwise the port cannot be opened either. The final configuration is as follows: # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT Editing the above file requires su permission. After saving the above file, run the following command in the terminal: Update the firewall configuration service iptables restart The following command can see the open ports /sbin/iptables -L -n The following command can turn off/on the firewall (requires restarting the system) Enable: chkconfig iptables on To turn off: chkconfig iptables off The following code can start and stop the firewall (effective immediately and invalid after restart) Start: service iptables start Shutdown: service iptables stop The above is the editor's introduction to the Linux system opening 3306, 8080 and other ports to the outside world, and the detailed integration of firewall settings. I hope it will be helpful to everyone. If you have any questions, please leave me a message and the editor will reply to you in time. I would also like to thank everyone for their support of the 123WORDPRESS.COM website! You may also be interested in:
|
<<: Using keras to judge SQL injection attacks (example explanation)
>>: How to make your browser talk with JavaScript
When using MySQL to query the database and execut...
Preface The requirement implemented in this artic...
When using the font-family property in CSS to ref...
Open the decompressed directory of tomcat and you...
Table of contents Overview 1. Hook calling order ...
Table of contents status quo Solution Further sol...
I came into contact with CSS a long time ago, but...
What is serdel userdel is a low-level tool for de...
<br />Tips for making web table frames. ----...
MySQL is a commonly used open source database sof...
FTP and SFTP are widely used as file transfer pro...
This article shares the simple process of install...
When configuring the interface domain name, each ...
I believe some people have seen this picture of c...
In fact, this is very simple. We add an a tag to ...